Cyber-Warfare Community

Colin Brine
CJ 341
Final Paper
Date Due: 11/4/04
Date Submitted: 11/4/04

Military Information Warfare

The military has a particular interest in how to prevent, deal with, and work with information warfare and its many components. Before it can be dealt with, it must first be defined: “Information warfare is the offensive and defensive use of information and information systems to deny, exploit, corrupt, or destroy, an adversary's information, information based processes, information systems, and computer-based networks while protecting one’s own. Such actions are designed to achieve advantages over military or business adversaries. –Dr. Ivan Goldberg, Institute for Advanced Study of Information Warfare” (Ch. 7) Information warfare does not only affect the military; it also affects the civilian sector.

Information warfare is unlike traditional war: it hits much closer to home, often without people even noticing. “When we speak of information warfare, we are by no means limiting our consideration to computer technology and networks. We shouldn't have a limited view of that.” (interview) There is no clear enemy and there are no clear sides; everything is obfuscated against easy identification. “...the ubiquitous nature of computers and associated technology has created new forces, new threats, new targets, and an accompanying need for new offensive and defensive weapons” (Ch. 7) There is little chance of a life-or-death situation, so the press does not directly record what is happening in these “white collar wars.” Because information warfare has only economic and political consequences in most cases, it does not come up in most people's lives, for it is not something that is easily noticed or that people are often on the lookout for.

There are varying levels of information warfare, defined specifically by Winn Schwartau. The first level is interpersonal damage, which is mostly relegated to the civilian sector. It includes fraud and theft, such as of credit records; harassment, such as interruption of medical services; and loss of privacy, such as stolen medical reports. The second level is inter-corporate and business damage. This can also go on between different military operations and embassies. It often includes industrial espionage, sabotage, or theft of money or services. The third and final level of information warfare set by Winn Schwartau is international and inter-trading bloc damage. This is the systematic use of the first two levels of information warfare to disrupt and destabilize societies and entire economies. It can be used by terrorists, extortionists, and foreign governments. (Ch. 12) The levels of information warfare directly correlate to both the military and the civilian sector.

Since information warfare is quite broad, almost all of the armed forces can be considered to work with it in one shape or another to further their own goals. Much of any war now has to do with communication, and in the new millennium computers are a vital factor in a majority of governments and militaries. With the new threats that come with the new technologies, there are ever-changing ways to deal with these problems.

The civilian and military sectors of information warfare focus on different aspects, though they are closely intertwined. This was best presented in an interview with M.E. Kabay: “Most people in the civilian government don't think about aggressive cyberwar, most people on the civilian side are concerned with defensive strategy ... [of] thinking of cyberwar from the point of view of the victim. ... from a military standpoint, however, there has been a great deal of interest around the world in offensive information warfare as well as defensive.” (interview) The military is well known for having advanced technology; many of the leading civilian technologies are formerly top-secret technology released years later. There are many different techniques used for attacking systems, on both the civilian and military sides of information warfare.

Penetration techniques are used to break into any form of system, giving a government or civilian hackers free rein to do what they will. The first and most common of these penetration techniques is called “Social Engineering.” This term is used to refer to the process of gathering information from places where people have discarded it, through physical and technical means. It could be anything from digging through a dumpster to find files that might give access codes, to scanning a hard drive for deleted files that might hold important information. Social engineering is not set in stone, because it covers almost any way, shape, or form of acquiring something that someone should not have access to. An example would be a hard disk holding high-security information that has been deleted, but not so thoroughly that it cannot be located again. The disk is thought to have been cleared and is reused in another computer, only for its new user to find a large cache of possibly classified information at their fingertips. Another example would be bribery: an unhappy person being paid a sum of money to hand important files or disks over to someone who should not have access to them. The broad range of social engineering makes it very dangerous indeed. (Ch. 12)

Another way that the military or a civilian can get information is through eavesdropping. This practice has been in use for a very long time, and it has now taken the step into the data world. Wire taps used for telephones can now monitor data over a modem, and radio emitters can send phone conversations outside buildings. There are also many more ways in which one can eavesdrop on, or listen to, the information of someone else. Another simple way of getting into a system is called intrusion, or using bad security as a quick route. If something is unprotected and easily accessible, through bad and easily crackable passwords or an unprotected modem, it is almost fair game for any form of hacker. These weaknesses are often left in place because of lack of knowledge on the subject of security, laziness, or arrogance. Brute force techniques use programs that try almost every possible combination of codes and passwords to get into a system, gaining access after a large amount of trial and error. (Ch. 12) There are also many more ways in which someone can gain access to information or a place where they should not be.

There are many different methods for the disruption of information in any field, and there are many specific programs designed to interrupt, record, disrupt or destroy data. “Programmatic attacks include, among others, Trojan Horse programs, logic bombs, worms, viruses, knowbots and cancelbots.” (Ch. 12) Trojan horse programs are programs that mirror other working programs but add additional functions that are beneficial to the creator of the program. One such program could be a login screen for a website, which may act and function the same as the website but send the actual username and password to a third party who can use it for their own personal gain. Logic bombs are sets of code in programs that are designed to destroy or change data on a certain trigger, often a time or a date. If the programmer who places such a bomb does not remove it, much useful data can be lost, because these are fairly difficult to find. Worms are programs that duplicate themselves on multiple computers over a network, often along with harmful code. Viruses are code and programs designed specifically to be harmful to a system. Knowbots are like worms in that they move from system to system, but they are designed to send back specific information to their controller. Cancelbots are a specific type of knowbot designed to seek out and destroy e-mail and other communications; they are often associated with destroying spam, though they can destroy legitimate mail as well. These are all different types of programmatic attacks, and there are still more ways of using such devices together to attack. (Ch. 12)

Denial-of-service attacks are also quite common. These attacks shut down a system by asking it to perform too many different tasks at once: they overload the system's capacity and cause it to shut down, or deny service. One more kind of attack is a physical attack on a system, including sabotage and ElectroMagnetic Pulse Transformer bombs. All of these tools and more, working together, make an amazing offense that any professional, civil or military, can have at their fingertips. (Ch. 12)

The ease with which civilians and the military both operate such powerful tools really highlights the vulnerabilities in the systems that are in place today. The military has some of its own completely private networks, but most of its networking is done over the same systems that civilians use. This closeness makes it very important for the military to be on top of technology in both offense and defense, so that it will not be taken advantage of. “Just as emergency preparedness in the world of bridges and roads naturally involves close cooperation between civilian and military authorities, so should emergency preparedness in the world of gateways and networks.” (Ch. 12) The cooperation between military and civilian authorities is the key to the future of information warfare.

Bibliography

Bosworth, Seymour. “Chapter 7.” Computer Security Handbook. 4th ed. (.pdf file from Prof. M.E. Kabay)

Kabay, M.E. “Edited version of Chapter 12” The NCSA Guide to Enterprise Security. McGraw-Hill, 1996.
Kabay, M.E. Personal interview. 3 Nov. 2004.